1. Field
The invention disclosed and claimed herein generally pertains to a method for authenticating users of servers and other target endpoints, in an environment such as an IT service environment that includes a ticketing system for receiving service requests, and a service delivery system for responding to the requests. More particularly, the invention pertains to a method of the above type wherein a unique ticket identification code or ticket ID is assigned to a service request, and a virtual token derived from the given ticket ID is used for multi-factor authentication, such as second factor authentication.
2. Description of the Related Art
Vendors of information technology (IT) and other computer related products and services frequently make resources available to customers, such as a service ticketing system or the like, for use in resolving customer issues. These issues may include, by way of example, problems and incidents reported by customers, and customer product change requests. In order to address a particular issue, a customer may submit a service request pertaining to the issue to a ticket system of the above type. Upon receiving the service request, the ticket system assigns a ticket identifier (ID), comprising a unique numeric or alphanumeric code or the like, to the request.
A ticketing system of the above type may be referred to as a front end system, i.e., a system used by customers to interact with their vendor or service provider. After a service request has been entered and given a unique ticket ID, the request is incorporated into a ticket, which is routed to a back end system operated by one or more service staff members of the vendor or service provider. Each service staff member uses the back end system to take actions directed to resolving or complying with the ticketed service request. By assigning a unique ticket ID to the request ticket as described above, the front end ticket system can effectively manage processing of the service request by the back end system, in order to ensure that the request is responded to in a timely and satisfactory manner.
In arrangements of the above type, users of the back end system must be able to access certain servers or other resources, which typically require user authentication. Moreover, policies or regulations may require multi-factor authentication of users, such as second factor authentication. As is known by those of skill in the art, multi-factor authentication requires presentation by a user of two or more of the three currently acknowledged authentication factors. The first factor comprises something the user knows, e.g., a password or PIN. The second factor comprises something the user has, e.g., an ATM card, a smart card or a token, including virtual, software and connected and disconnected tokens. The third factor comprises something the user is, e.g., a biometric characteristic such as a fingerprint or eye retina.
In view of the above, it would be very beneficial to significantly improve or enhance the efficiency of multi-factor user authentication, and particularly second factor authentication.